British Railway Passengers Attacked

Uploaded on 2024-09-27 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Wi-Fi networks at a number of train stations across the UK have been suspended after being hacked. British Transport Police are investigating after there was an attack on Wi-Fi networks at 19 stations across the country, which are run by Network Rail. 

Passengers logging onto the Wi-Fi saw a webpage containing details of Islamist terrorist incidents in the UK and abroad. So far, no personal data is known to have been affected. 

Now, a man has been arrested after passengers at many of the nation's busiest train stations were affected 

The police say the suspect is an employee of Global Reach Technology, which provides  Wi-Fi services to Network Rail. The man was arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988. 

  • Ten London Stations in were were affected: They are: Euston, Victoria, King’s Cross, London Bridge, Cannon Street, Charing Cross, Liverpool Street, Paddington, Clapham Junction and Waterloo.
  • Stations outside London affected include: Manchester Piccadilly, Birmingham New Street, Glasgow Central, Leeds City, Liverpool Lime Street, Bristol Temple Meads, Edinburgh Waverley, Reading, and Guildford.

This incident follows a recent attack on Transport for London which runs Bus, Underground, Overground and other public transport services in the capital. That exploit is understood to have potentially exposed the bank account details of about 5k train passengers, either via activity on their Oyster card account or refund data. This data includes account numbers and sort codes.

A 17-year-old male was arrested on September 5th on suspicion of Computer Misuse Act offences in relation to that attack. 

In coment, Kev Eley, Vice President UKI at Exabeam said “The cyberattack on Network Rail marks a major cybersecurity incident in the UK.. There are several layers to this incident that make it particularly concerning. Firstly, there is the sheer scale of the attack and the widespread disruption that comes with this... Beyond the disruption caused, the attack raises questions around the security of personal data used to access National Rail Wi-Fi services...

What makes this attack even more worrying is its potential to cause widespread panic due to the nature of the message displayed to passengers when they logged into the Wi-Fi.

Ultimately, this incident serves as an important reminder of the significant risk posed by third-party suppliers and why it is vital that this element of cybersecurity is not overlooked." Eley said

Standard   |   Independent   |   BBC   |   Guardian   |    Sky  |   Mail

Image: @networkrail

You Might Also Read: 

Attack On Transport For London Exposed Passenger Bank Details:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Will Hezbollah Launch Cyber Attacks On Israel?
The Key Issues For SME Cyber Security [extract] »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Council of Europe - Cybercrime Programme Office (C-PROC)

Council of Europe - Cybercrime Programme Office (C-PROC)

The Cybercrime Programme Office of the Council of Europe is responsible for assisting countries worldwide in strengthening their legal systems capacity to respond to cybercrime

Willis Towers Watson

Willis Towers Watson

Willis Towers Watson is a global risk management, insurance brokerage and advisory company. Services offered include Cyber Risks insurance.

Secure India

Secure India

Secure India provides Forensic Solutions that help Government and Business in dealing with prevention and resolution of Cyber related threats.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC) was founded to develop and implement information security practices in Dubai.

Jeffer Mangels Butler & Mitchell LLP (JMBM)

Jeffer Mangels Butler & Mitchell LLP (JMBM)

JMBM is a full service law firm providing counseling and litigation services in a wide range of areas including cyber security.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

Capsule8

Capsule8

Capsule8 is the only company providing high-performance attack protection for Linux production environments.

Onfido

Onfido

Onfido is building the new identity standard for the internet. We digitally prove people’s real identities using a photo ID and facial biometrics.

LiveAction

LiveAction

LiveAction provides end-to-end visibility of network and application performance from a single pane of glass.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

Btech

Btech

Btech is the market leader in providing affordable managed IT security services for credit unions.

TELUS

TELUS

TELUS provide Canadian businesses with the services and solutions they need to securely thrive in a digital world. Partner with a cybersecurity leader you can rely on.

Phone Monitoring Service

Phone Monitoring Service

Phone Monitoring Service provides cyber security services, ethical hacking services, social media hacking services in the USA, Canada, Europe.